doorkeeper 4.0.0.rc3 → 4.0.0.rc4


Potentially problematic release.


This version of doorkeeper might be problematic. Click here for more details.

Files changed (59) hide show
  1. checksums.yaml +4 -4
  2. data/.travis.yml +2 -2
  3. data/CONTRIBUTING.md +2 -0
  4. data/Gemfile +4 -0
  5. data/NEWS.md +11 -1
  6. data/README.md +14 -20
  7. data/Rakefile +1 -1
  8. data/app/controllers/doorkeeper/application_metal_controller.rb +1 -1
  9. data/app/controllers/doorkeeper/tokens_controller.rb +1 -1
  10. data/app/helpers/doorkeeper/dashboard_helper.rb +13 -11
  11. data/doorkeeper.gemspec +1 -1
  12. data/lib/doorkeeper.rb +1 -1
  13. data/lib/doorkeeper/config.rb +6 -23
  14. data/lib/doorkeeper/helpers/controller.rb +1 -1
  15. data/lib/doorkeeper/models/access_grant_mixin.rb +2 -2
  16. data/lib/doorkeeper/models/access_token_mixin.rb +19 -15
  17. data/lib/doorkeeper/models/application_mixin.rb +3 -3
  18. data/lib/doorkeeper/models/concerns/ownership.rb +1 -1
  19. data/lib/doorkeeper/models/concerns/revocable.rb +1 -1
  20. data/lib/doorkeeper/oauth/authorization/uri_builder.rb +1 -1
  21. data/lib/doorkeeper/oauth/client_credentials/issuer.rb +2 -1
  22. data/lib/doorkeeper/oauth/client_credentials_request.rb +4 -3
  23. data/lib/doorkeeper/oauth/code_response.rb +13 -14
  24. data/lib/doorkeeper/oauth/helpers/uri_checker.rb +2 -1
  25. data/lib/doorkeeper/oauth/password_access_token_request.rb +6 -10
  26. data/lib/doorkeeper/oauth/refresh_token_request.rb +1 -1
  27. data/lib/doorkeeper/oauth/scopes.rb +2 -2
  28. data/lib/doorkeeper/oauth/token.rb +3 -4
  29. data/lib/doorkeeper/oauth/token_response.rb +1 -1
  30. data/lib/doorkeeper/orm/active_record.rb +0 -16
  31. data/lib/doorkeeper/orm/active_record/access_token.rb +8 -0
  32. data/lib/doorkeeper/orm/active_record/application.rb +2 -7
  33. data/lib/doorkeeper/rails/helpers.rb +1 -1
  34. data/lib/doorkeeper/rails/routes.rb +2 -1
  35. data/lib/doorkeeper/rails/routes/mapper.rb +1 -1
  36. data/lib/doorkeeper/request/password.rb +11 -1
  37. data/lib/doorkeeper/version.rb +1 -1
  38. data/lib/generators/doorkeeper/templates/add_owner_to_application_migration.rb +1 -1
  39. data/lib/generators/doorkeeper/templates/migration.rb +2 -2
  40. data/spec/controllers/protected_resources_controller_spec.rb +10 -10
  41. data/spec/dummy/app/controllers/full_protected_resources_controller.rb +2 -2
  42. data/spec/dummy/app/controllers/home_controller.rb +1 -1
  43. data/spec/dummy/app/controllers/semi_protected_resources_controller.rb +2 -2
  44. data/spec/dummy/config/environments/test.rb +0 -3
  45. data/spec/lib/config_spec.rb +1 -1
  46. data/spec/lib/oauth/authorization_code_request_spec.rb +1 -1
  47. data/spec/lib/oauth/password_access_token_request_spec.rb +5 -5
  48. data/spec/lib/oauth/refresh_token_request_spec.rb +14 -8
  49. data/spec/models/doorkeeper/access_token_spec.rb +18 -1
  50. data/spec/models/doorkeeper/application_spec.rb +1 -9
  51. data/spec/requests/flows/password_spec.rb +26 -5
  52. data/spec/requests/flows/refresh_token_spec.rb +2 -2
  53. data/spec/spec_helper_integration.rb +3 -0
  54. data/spec/support/helpers/model_helper.rb +27 -5
  55. data/spec/support/http_method_shim.rb +24 -0
  56. data/spec/support/shared/models_shared_examples.rb +1 -1
  57. metadata +4 -4
  58. data/lib/generators/doorkeeper/application_scopes_generator.rb +0 -34
  59. data/lib/generators/doorkeeper/templates/add_scopes_to_oauth_applications.rb +0 -5
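--- a/checksums.yaml
+++ b/checksums.yaml
@@ -1,7 +1,7 @@
  ---
  SHA1:
- metadata.gz: 7970dc66221f5d0ae37df19896a059af6583c3b4
- data.tar.gz: 9946ccd3e46137c0ed1e51430848ed0ea6e42c9d
+ metadata.gz: 8dc5d57a6b22f136349e84f529ef9a925553dd9f
+ data.tar.gz: a37456b60aa1dfa8f530fdb267d163838dcb9da5
  SHA512:
- metadata.gz: bf56405349f6d0c3e1402a57b962ba25c17dbd78116cb20045088bdf0981f2a2b7539f96d57afff02b00cf62273457b50b388f9fa45aad9cc38e6fd4e5a13b1f
- data.tar.gz: 6fccbea56797d79ebc29e33e9fc13139308e92a5e09f48f70b12a5f97088c9e9f4ded86e12bc7fa595c7517dad3b4ab76dbed4e0aa6d7306c437db114eb2b74a
+ metadata.gz: d97281f371ce8772fbdd540066a19d0dcae962ae7cac57fd05d1b877c7cb5923e42d080f8def9da8ceed8348251f1eae7b2459abca0c7c0cef44be91ceacefa8
+ data.tar.gz: 6dde7539983303cbefd28391b9a8617ee24ed1e2234c1e7cd80dae1896d2c100617be9cfc1b84715c82502a841caf11a7ed849c728cb123177572449cc657ab9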
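--- a/data/.travis.yml
+++ b/data/.travis.yml
@@ -12,9 +12,9 @@ before_install:
 
  env:
  - rails=4.2.0
- - rails=5.0.0.beta3
+ - rails=5.0.0.rc1
 
  matrix:
  exclude:
- - env: rails=5.0.0.beta3
+ - env: rails=5.0.0.rc1
  rvm: 2.1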
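--- a/data/CONTRIBUTING.md
+++ b/data/CONTRIBUTING.md
@@ -26,6 +26,8 @@ Make the tests pass:
 
  rake
 
+ Add notes on your change to the `NEWS.md` file.
+
  Write a [good commit message][commit].
  Push to your fork.
  [Submit a pull request][pr].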
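--- a/data/Gemfile
+++ b/data/Gemfile
@@ -4,6 +4,10 @@ source "https://rubygems.org"
 
  gem "rails", "~> #{ENV["rails"]}"
 
+ if ENV['rails'].start_with?('5')
+ gem 'rspec-rails', '3.5.0.beta3'
+ end
+
  gem "activerecord-jdbcsqlite3-adapter", platform: :jruby
  gem "sqlite3", platform: [:ruby, :mswin, :mingw]
 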
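Review bot: The added `if ENV['rails'].start_with?('5')` calls a method on the raw environment value, so evaluating the Gemfile without `rails` set fails with a NoMethodError on nil instead of an error naming the missing variable. `if ENV.fetch('rails').start_with?('5')` would raise a KeyError that names it; the context line above already interpolates the same variable, so it is effectively required. The branch also pins `rspec-rails` to the pre-release `3.5.0.beta3`, and a comment such as `# pre-release needed for Rails 5; drop once rspec-rails 3.5.0 is released` would tell the next maintainer when the pin can go.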
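--- a/data/NEWS.md
+++ b/data/NEWS.md
@@ -2,7 +2,17 @@
 
  User-visible changes worth mentioning.
 
- ---
+ ## master
+
+ ## 4.0.0.rc4
+
+ - [#777] Add support for public client in password grant flow
+ - [#823] Make configuration and specs ORM independent
+ - [#745] Add created_at timestamp to token generation options
+ - [#838] Drop `Application#scopes` generator and warning, introduced for
+ upgrading doorkeeper from v2 to v3.
+ - [#801] Fix Rails 5 warning messages
+ - Test against Rails 5 RC1
 
  ## 4.0.0.rc3
 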
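--- a/data/README.md
+++ b/data/README.md
@@ -76,17 +76,11 @@ to generate the migration tables:
  rails generate doorkeeper:migration
 
  You may want to add foreign keys to your migration. For example, if you plan on
- using `User` as the resource owner, change the line in the migration
- file:
+ using `User` as the resource owner, add the following line to the migration file
+ for each table that includes a `resource_owner_id` column:
 
  ```ruby
- t.integer :resource_owner_id, null: false
- ```
-
- to:
-
- ```ruby
- t.references :user, foreign_key: true, null: false
+ add_foreign_key :table_name, :users, column: :resource_owner_id
  ```
 
  Then run migrations:
@@ -252,13 +246,13 @@ class Api::V1::ProductsController < Api::V1::ApiController
  end
  ```
 
- Please note that there is a logical OR between multiple required scopes. In
+ Please note that there is a logical OR between multiple required scopes. In the
  above example, `doorkeeper_authorize! :admin, :write` means that the access
- token is required to have either `:admin` scope or `:write` scope, but not need
- have both of them.
+ token is required to have either `:admin` scope or `:write` scope, but does not
+ need have both of them.
 
- If want to require the access token to have multiple scopes at the same time,
- use multiple `doorkeeper_authorize!`, for example:
+ If you want to require the access token to have multiple scopes at the same
+ time, use multiple `doorkeeper_authorize!`, for example:
 
  ```ruby
  class Api::V1::ProductsController < Api::V1::ApiController
@@ -270,8 +264,8 @@ class Api::V1::ProductsController < Api::V1::ApiController
  end
  ```
 
- In above example, a client can call `:create` action only if its access token
- have both `:admin` and `:write` scopes.
+ In the above example, a client can call `:create` action only if its access token
+ has both `:admin` and `:write` scopes.
 
  ### Custom Access Token Generator
 
@@ -319,7 +313,7 @@ token owner.
 
  ### Applications list
 
- By default, the applications list (`/oauth/applications`) is public available.
+ By default, the applications list (`/oauth/applications`) is publicly available.
  To protect the endpoint you should uncomment these lines:
 
  ```ruby
@@ -333,9 +327,9 @@ end
 
  The logic is the same as the `resource_owner_authenticator` block. **Note:**
  since the application list is just a scaffold, it's recommended to either
- customize the controller used by the list or skip the controller at all. For
- more information see the page [in the
- wiki](https://github.com/doorkeeper-gem/doorkeeper/wiki/Customizing-routes).
+ customize the controller used by the list or skip the controller all together.
+ For more information see the page
+ [in the wiki](https://github.com/doorkeeper-gem/doorkeeper/wiki/Customizing-routes).
 
  ## Other customizations
 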
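--- a/data/Rakefile
+++ b/data/Rakefile
@@ -2,7 +2,7 @@ require 'bundler/setup'
  require 'rspec/core/rake_task'
 
  desc 'Default: run specs.'
- task :default => :spec
+ task default: :spec
 
  desc "Run all specs"
  RSpec::Core::RakeTask.new(:spec) do |config|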
@@ -6,7 +6,7 @@ module Doorkeeper
6
6
  ActionController::Rendering,
7
7
  ActionController::Renderers::All,
8
8
  Helpers::Controller
9
- ]
9
+ ].freeze
10
10
 
11
11
  MODULES.each do |mod|
12
12
  include mod
@@ -2,7 +2,7 @@ module Doorkeeper
2
2
  class TokensController < Doorkeeper::ApplicationMetalController
3
3
  def create
4
4
  response = authorize_response
5
- self.headers.merge! response.headers
5
+ headers.merge! response.headers
6
6
  self.response_body = response.body.to_json
7
7
  self.status = response.status
8
8
  rescue Errors::DoorkeeperError => e
@@ -1,15 +1,17 @@
1
- module Doorkeeper::DashboardHelper
2
- def doorkeeper_errors_for(object, method)
3
- if object.errors[method].present?
4
- object.errors[method].map do |msg|
5
- content_tag(:span, class: 'help-block') do
6
- msg.capitalize
7
- end
8
- end.join.html_safe
1
+ module Doorkeeper
2
+ module DashboardHelper
3
+ def doorkeeper_errors_for(object, method)
4
+ if object.errors[method].present?
5
+ object.errors[method].map do |msg|
6
+ content_tag(:span, class: 'help-block') do
7
+ msg.capitalize
8
+ end
9
+ end.join.html_safe
10
+ end
9
11
  end
10
- end
11
12
 
12
- def doorkeeper_submit_path(application)
13
- application.persisted? ? oauth_application_path(application) : oauth_applications_path
13
+ def doorkeeper_submit_path(application)
14
+ application.persisted? ? oauth_application_path(application) : oauth_applications_path
15
+ end
14
16
  end
15
17
  end
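Review bot: `doorkeeper_errors_for` keeps `.join.html_safe` after the re-nesting, which marks the whole joined string as trusted. Today each message appears to pass through the `content_tag` block first, but a later edit to that block could emit unescaped validation text. `safe_join(object.errors[method].map { |msg| content_tag(:span, msg.capitalize, class: 'help-block') })` should produce the same markup without a blanket `html_safe`. The method also returns nil when the attribute has no errors, which deserves a one-line comment above the `if`.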
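--- a/data/doorkeeper.gemspec
+++ b/data/doorkeeper.gemspec
@@ -1,4 +1,4 @@
- $:.push File.expand_path("../lib", __FILE__)
+ $LOAD_PATH.push File.expand_path("../lib", __FILE__)
 
  require "doorkeeper/version"
 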
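--- a/data/lib/doorkeeper.rb
+++ b/data/lib/doorkeeper.rb
@@ -54,7 +54,7 @@ module Doorkeeper
  end
 
  def self.database_installed?
- [AccessToken, AccessGrant, Application].all? { |model| model.table_exists? }
+ [AccessToken, AccessGrant, Application].all?(&:table_exists?)
  end
 
  def self.installed?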
@@ -10,15 +10,10 @@ module Doorkeeper
10
10
  setup_orm_adapter
11
11
  setup_orm_models
12
12
  setup_application_owner if @config.enable_application_owner?
13
- check_requirements
14
13
  end
15
14
 
16
15
  def self.configuration
17
- @config || (fail MissingConfiguration.new)
18
- end
19
-
20
- def self.check_requirements
21
- @orm_adapter.check_requirements!(configuration)
16
+ @config || (fail MissingConfiguration)
22
17
  end
23
18
 
24
19
  def self.setup_orm_adapter
@@ -136,17 +131,17 @@ doorkeeper.
136
131
  remove_method name if method_defined?(name)
137
132
  define_method name do |*args, &block|
138
133
  # TODO: is builder_class option being used?
139
- value = unless attribute_builder
140
- block ? block : args.first
141
- else
134
+ value = if attribute_builder
142
135
  attribute_builder.new(&block).build
136
+ else
137
+ block ? block : args.first
143
138
  end
144
139
 
145
140
  @config.instance_variable_set(:"@#{attribute}", value)
146
141
  end
147
142
  end
148
143
 
149
- define_method attribute do |*args|
144
+ define_method attribute do |*_args|
150
145
  if instance_variable_defined?(:"@#{attribute}")
151
146
  instance_variable_get(:"@#{attribute}")
152
147
  else
@@ -181,7 +176,7 @@ doorkeeper.
181
176
 
182
177
  option :skip_authorization, default: ->(_routes) {}
183
178
  option :access_token_expires_in, default: 7200
184
- option :custom_access_token_expires_in, default: lambda { |_app| nil }
179
+ option :custom_access_token_expires_in, default: ->(_app) { nil }
185
180
  option :authorization_code_expires_in, default: 600
186
181
  option :orm, default: :active_record
187
182
  option :native_redirect_uri, default: 'urn:ietf:wg:oauth:2.0:oob'
@@ -236,18 +231,6 @@ doorkeeper.
236
231
  @token_grant_types ||= calculate_token_grant_types
237
232
  end
238
233
 
239
- def refresh_token_revoked_on_use?
240
- unless @refresh_token_revoked_on_use.nil?
241
- return @refresh_token_revoked_on_use
242
- end
243
-
244
- @refresh_token_revoked_on_use =
245
- ActiveRecord::Base.connection.column_exists?(
246
- :oauth_access_tokens,
247
- :previous_refresh_token
248
- )
249
- end
250
-
251
234
  private
252
235
 
253
236
  # Determines what values are acceptable for 'response_type' param in
@@ -54,7 +54,7 @@ module Doorkeeper
54
54
 
55
55
  def handle_token_exception(exception)
56
56
  error = get_error_response_from_exception exception
57
- self.headers.merge! error.headers
57
+ headers.merge! error.headers
58
58
  self.response_body = error.body.to_json
59
59
  self.status = error.status
60
60
  end
@@ -15,7 +15,7 @@ module Doorkeeper
15
15
  inverse_of: :access_grants
16
16
  }
17
17
  if defined?(ActiveRecord::Base) && ActiveRecord::VERSION::MAJOR >= 5
18
- belongs_to_options.merge!(optional: true)
18
+ belongs_to_options[:optional] = true
19
19
  end
20
20
 
21
21
  belongs_to :application, belongs_to_options
@@ -28,7 +28,7 @@ module Doorkeeper
28
28
 
29
29
  module ClassMethods
30
30
  def by_token(token)
31
- where(token: token.to_s).limit(1).to_a.first
31
+ find_by(token: token.to_s)
32
32
  end
33
33
  end
34
34
 
@@ -15,7 +15,7 @@ module Doorkeeper
15
15
  inverse_of: :access_tokens
16
16
  }
17
17
  if defined?(ActiveRecord::Base) && ActiveRecord::VERSION::MAJOR >= 5
18
- belongs_to_options.merge!(optional: true)
18
+ belongs_to_options[:optional] = true
19
19
  end
20
20
 
21
21
  belongs_to :application, belongs_to_options
@@ -33,18 +33,18 @@ module Doorkeeper
33
33
 
34
34
  module ClassMethods
35
35
  def by_token(token)
36
- where(token: token.to_s).limit(1).to_a.first
36
+ find_by(token: token.to_s)
37
37
  end
38
38
 
39
39
  def by_refresh_token(refresh_token)
40
- where(refresh_token: refresh_token.to_s).first
40
+ find_by(refresh_token: refresh_token.to_s)
41
41
  end
42
42
 
43
43
  def revoke_all_for(application_id, resource_owner)
44
44
  where(application_id: application_id,
45
45
  resource_owner_id: resource_owner.id,
46
46
  revoked_at: nil).
47
- map(&:revoke)
47
+ each(&:revoke)
48
48
  end
49
49
 
50
50
  def matching_token_for(application, resource_owner_or_id, scopes)
@@ -75,6 +75,7 @@ module Doorkeeper
75
75
  return access_token
76
76
  end
77
77
  end
78
+
78
79
  create!(
79
80
  application_id: application.try(:id),
80
81
  resource_owner_id: resource_owner_id,
@@ -85,13 +86,10 @@ module Doorkeeper
85
86
  end
86
87
 
87
88
  def last_authorized_token_for(application_id, resource_owner_id)
88
- where(application_id: application_id,
89
- resource_owner_id: resource_owner_id,
90
- revoked_at: nil).
91
- send(order_method, created_at_desc).
92
- limit(1).
93
- to_a.
94
- first
89
+ send(order_method, created_at_desc).
90
+ find_by(application_id: application_id,
91
+ resource_owner_id: resource_owner_id,
92
+ revoked_at: nil)
95
93
  end
96
94
  end
97
95
 
@@ -110,7 +108,7 @@ module Doorkeeper
110
108
  scopes: scopes,
111
109
  expires_in_seconds: expires_in_seconds,
112
110
  application: { uid: application.try(:uid) },
113
- created_at: created_at.to_i,
111
+ created_at: created_at.to_i
114
112
  }
115
113
  end
116
114
 
@@ -131,10 +129,16 @@ module Doorkeeper
131
129
  end
132
130
 
133
131
  def generate_token
132
+ self.created_at ||= Time.now.utc
133
+
134
134
  generator = Doorkeeper.configuration.access_token_generator.constantize
135
- self.token = generator.generate(resource_owner_id: resource_owner_id,
136
- scopes: scopes, application: application,
137
- expires_in: expires_in)
135
+ self.token = generator.generate(
136
+ resource_owner_id: resource_owner_id,
137
+ scopes: scopes,
138
+ application: application,
139
+ expires_in: expires_in,
140
+ created_at: created_at
141
+ )
138
142
  rescue NoMethodError
139
143
  raise Errors::UnableToGenerateToken, "#{generator} does not respond to `.generate`."
140
144
  rescue NameError
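Review bot: In `generate_token` the new `created_at:` keyword is passed to every configured generator, so a custom generator whose `generate` declares a fixed keyword list without `**opts` would raise ArgumentError, which neither rescue clause visible here converts into `Errors::UnableToGenerateToken`. The `rescue NoMethodError` clause also still wraps the generator call itself, so a NoMethodError raised inside a custom generator is reported as "does not respond to `.generate`"; a guard such as `raise Errors::UnableToGenerateToken, "..." unless generator.respond_to?(:generate)` before the call would keep the two cases apart. A comment above the call like `# generators must accept unknown options; created_at was added in 4.0.0.rc4` would document the contract. The method body continues past the end of this hunk.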
@@ -19,11 +19,11 @@ module Doorkeeper
19
19
 
20
20
  module ClassMethods
21
21
  def by_uid_and_secret(uid, secret)
22
- where(uid: uid.to_s, secret: secret.to_s).limit(1).to_a.first
22
+ find_by(uid: uid.to_s, secret: secret.to_s)
23
23
  end
24
24
 
25
25
  def by_uid(uid)
26
- where(uid: uid.to_s).limit(1).to_a.first
26
+ find_by(uid: uid.to_s)
27
27
  end
28
28
  end
29
29
 
@@ -31,7 +31,7 @@ module Doorkeeper
31
31
 
32
32
  def has_scopes?
33
33
  Doorkeeper.configuration.orm != :active_record ||
34
- Application.new.attributes.include?("scopes")
34
+ Doorkeeper::Application.column_names.include?("scopes")
35
35
  end
36
36
 
37
37
  def generate_uid
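Review bot: `by_uid_and_secret` still authenticates a client by matching `secret` inside the database query, so the comparison is done by the database rather than in constant time and presumes the column holds the secret as issued; the rewrite to `find_by` preserves that. Consider resolving the record with `by_uid(uid)` and then checking `ActiveSupport::SecurityUtils.secure_compare(app.secret, secret.to_s)`, which would also leave room to store a digest later. `secret.to_s` also turns a missing secret into `''`, so a comment stating how a nil secret is expected to behave would help now that NEWS lists public-client support (#777). The storage format of `secret` is not visible in this hunk, so confirm against the model before changing it.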
@@ -6,7 +6,7 @@ module Doorkeeper
6
6
  included do
7
7
  belongs_to_options = { polymorphic: true }
8
8
  if defined?(ActiveRecord::Base) && ActiveRecord::VERSION::MAJOR >= 5
9
- belongs_to_options.merge!(optional: true)
9
+ belongs_to_options[:optional] = true
10
10
  end
11
11
 
12
12
  belongs_to :owner, belongs_to_options
@@ -23,7 +23,7 @@ module Doorkeeper
23
23
  end
24
24
 
25
25
  def refresh_token_revoked_on_use?
26
- Doorkeeper.configuration.refresh_token_revoked_on_use?
26
+ AccessToken.refresh_token_revoked_on_use?
27
27
  end
28
28
  end
29
29
  end
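Review bot: `refresh_token_revoked_on_use?` now delegates to `AccessToken.refresh_token_revoked_on_use?`, a class method this hunk does not define, so every ORM backend has to supply it. A backend that lacks it would raise NoMethodError here, and one that returns false would presumably leave the previous refresh token usable after a refresh. A comment above the method, e.g. `# ORM adapters must implement AccessToken.refresh_token_revoked_on_use?`, would make that contract visible. The ActiveRecord definition is presumably the +8 lines listed for `orm/active_record/access_token.rb`, which is outside this view.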
@@ -20,7 +20,7 @@ module Doorkeeper
20
20
  end
21
21
 
22
22
  def build_query(parameters = {})
23
- parameters = parameters.reject { |k, v| v.blank? }
23
+ parameters = parameters.reject { |_, v| v.blank? }
24
24
  super parameters
25
25
  end
26
26
  end